aboutsummaryrefslogtreecommitdiffstats
path: root/config/squid3/33/squid_reverse.inc
diff options
context:
space:
mode:
Diffstat (limited to 'config/squid3/33/squid_reverse.inc')
-rwxr-xr-xconfig/squid3/33/squid_reverse.inc39
1 files changed, 28 insertions, 11 deletions
diff --git a/config/squid3/33/squid_reverse.inc b/config/squid3/33/squid_reverse.inc
index 34ff2366..a6b81c0b 100755
--- a/config/squid3/33/squid_reverse.inc
+++ b/config/squid3/33/squid_reverse.inc
@@ -89,9 +89,6 @@ function squid_resync_reverse() {
if(!empty($settings['reverse_ip'])) {
$reverse_ip = explode(";", ($settings['reverse_ip']));
foreach ($reverse_ip as $reip) {
- //IPv6 Addresses need to be enclosed in brackets
- if (strpos($reip, ':')) $reip = '[' . $reip . ']';
-
//HTTP
if (!empty($settings['reverse_http']))
$conf .= "http_port {$reip}:{$http_port} accel defaultsite={$http_defsite} vhost\n";
@@ -103,14 +100,23 @@ function squid_resync_reverse() {
//PEERS
if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip'])))
- $conf .= "cache_peer {$settings['reverse_owa_ip']} parent 443 0 proxy-only no-query originserver login=PASS connection-auth=on ssl sslflags=DONT_VERIFY_PEER front-end-https=on name=OWA_HOST_pfs\n";
-
+
+ if(!empty($settings['reverse_owa_ip'])) {
+ $reverse_owa_ip = explode(";", ($settings['reverse_owa_ip']));
+ $casnr = 0;
+ foreach ($reverse_owa_ip as $reowaip) {
+ $casnr++;
+ $conf .= "cache_peer {$reowaip} parent 443 0 proxy-only no-query originserver login=PASSTHRU connection-auth=on ssl sslflags=DONT_VERIFY_PEER front-end-https=on name=OWA_HOST_443_{$casnr}_pfs\n";
+ $conf .= "cache_peer {$reowaip} parent 80 0 proxy-only no-query originserver login=PASSTHRU connection-auth=on name=OWA_HOST_80_{$casnr}_pfs\n";
+ }
+ }
+
$active_peers=array();
if (is_array($reverse_peers))
foreach ($reverse_peers as $rp){
if ($rp['enable'] =="on" && $rp['name'] !="" && $rp['ip'] !="" && $rp['port'] !=""){
$conf_peer = "#{$rp['description']}\n";
- $conf_peer .= "cache_peer {$rp['ip']} parent {$rp['port']} 0 proxy-only no-query no-digest originserver login=PASS round-robin ";
+ $conf_peer .= "cache_peer {$rp['ip']} parent {$rp['port']} 0 proxy-only no-query no-digest originserver login=PASSTHRU connection-auth=on round-robin ";
if($rp['protocol'] == 'HTTPS')
$conf_peer .= "ssl sslflags=DONT_VERIFY_PEER front-end-https=auto ";
$conf_peer .= "name=rvp_{$rp['name']}\n\n";
@@ -173,10 +179,11 @@ function squid_resync_reverse() {
array_push($owa_dirs,'Microsoft-Server-ActiveSync');
if($settings['reverse_owa_rpchttp'])
array_push($owa_dirs,'rpc/rpcproxy.dll','rpcwithcert/rpcproxy.dll');
+ if($settings['reverse_owa_mapihttp'])
+ array_push($owa_dirs,'mapi');
if($settings['reverse_owa_webservice']){
array_push($owa_dirs,'EWS');
- //$conf .= "ignore_expect_100 on\n"; Obsolete on 3.3
- }
+ }
}
if (is_array($owa_dirs))
foreach ($owa_dirs as $owa_dir)
@@ -184,9 +191,12 @@ function squid_resync_reverse() {
if (($settings['reverse_owa'] == 'on') && (!empty($settings['reverse_owa_ip'])) && ($settings['reverse_owa_autodiscover'] == 'on')) {
$reverse_external_domain = strstr($settings['reverse_external_fqdn'], '.');
+ $conf .= "acl OWA_URI_pfs url_regex -i ^http://{$settings['reverse_external_fqdn']}/AutoDiscover/AutoDiscover.xml\n";
+ $conf .= "acl OWA_URI_pfs url_regex -i ^https://{$settings['reverse_external_fqdn']}/AutoDiscover/AutoDiscover.xml\n";
+ $conf .= "acl OWA_URI_pfs url_regex -i ^http://autodiscover{$reverse_external_domain}/AutoDiscover/AutoDiscover.xml\n";
$conf .= "acl OWA_URI_pfs url_regex -i ^https://autodiscover{$reverse_external_domain}/AutoDiscover/AutoDiscover.xml\n";
}
- }
+ }
//$conf .= "ssl_unclean_shutdown on";
if (is_array($reverse_maps))
foreach ($reverse_maps as $rm){
@@ -212,8 +222,15 @@ function squid_resync_reverse() {
//ACCESS
if ($settings['reverse_owa'] == 'on' && !empty($settings['reverse_owa_ip']) && $settings['reverse_https'] =="on") {
- $conf .= "cache_peer_access OWA_HOST_pfs allow OWA_URI_pfs\n";
- $conf .= "cache_peer_access OWA_HOST_pfs deny allsrc\n";
+
+ for($cascnt=1;$cascnt<$casnr+1;$cascnt++)
+ {
+ $conf .= "cache_peer_access OWA_HOST_443_{$cascnt}_pfs allow OWA_URI_pfs\n";
+ $conf .= "cache_peer_access OWA_HOST_80_{$cascnt}_pfs allow OWA_URI_pfs\n";
+ $conf .= "cache_peer_access OWA_HOST_443_{$cascnt}_pfs deny allsrc\n";
+ $conf .= "cache_peer_access OWA_HOST_80_{$cascnt}_pfs deny allsrc\n";
+ }
+
$conf .= "never_direct allow OWA_URI_pfs\n";
$conf .= "http_access allow OWA_URI_pfs\n";
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-16 15:24:28 +0000